I. INTRODUCTION
The Officer of the Comptroller of the Currency (OCC) has issued a final rule to clarify when a national bank or Federal savings association makes a loan and is a “true lender” in the context of a partnership between a bank and a third party.
The final rule was issued in response to divergent standards used by courts for determining which entity is the true lender of a loan made through such partnerships. This determination has important implications. If the bank is the true lender, the bank may export the interest rate to a non-bank purchaser of the loan, under the “valid when made” doctrine. The “valid when made” doctrine provides that if a loan is valid when it is made, with respect to the interest rate and other terms of the loan, then the loan remains valid and enforceable when assigned to a third-party.
The final rule specifies that a bank makes a loan and is the true lender if, as of the date of origination, the bank:
(a) is named as lender in the loan agreement; or
(b) funds the loan.
The final rule also states that “if, as of the date of origination, one bank is named as the lender in the loan agreement for a loan and another bank funds that loan, the bank that is named as the lender in the loan agreement makes the loan.”
The effective date of the final rule was December 29, 2020.
II. SUPERVISORY EXPECTATIONS
The OCC provided a list of its supervisory expectations for banks that are engage in partnerships with non-bank entities, as follows:
A. Responsibilities
Every bank is responsible for establishing and maintaining prudent credit underwriting practices that:
1. are commensurate with the types of loans the bank will make and consider the terms and conditions under which they will be made;
2. consider the nature of the markets in which the loans will be made;
3. provide for consideration, prior to credit commitment, of the borrower’s overall financial condition and resources, the financial responsibility of any guarantor, the nature and value of any underlying collateral, and the borrower's character and willingness to repay as agreed;
4. establish a system of independent, ongoing credit review and appropriate communication to management and to the board of directors;
5. take adequate account of concentration of credit risk; and
6. are appropriate to the size of the institution and the nature and scope of its activities.
B. Documentation
The bank is also responsible to have loan documentation procedures that:
1. enable the institution to make an informed lending decision and assess risk, as necessary, on an ongoing basis;
2. identify the purpose of the loan and the source of repayment and assess the ability of the borrower to repay the indebtedness in a timely manner;
3. ensure that any claim against the borrower is legally enforceable;
4. demonstrate appropriate administration and monitoring of a loan; and
5. take account of the size and complexity of the loan.
C. Internal controls
Every bank should also have appropriate internal controls and information systems to assess and manage the risks associated with its lending activities, including those that provide for monitoring adherence to established policies and compliance with applicable laws and regulations, as well as internal audit systems.
D. Compliance
A bank’s lending must comply with all applicable laws and regulations, including federal consumer protection laws. Examples, include:
1. Section 5 of the Federal Trade Commission Act (FTC Act) which provides that “unfair or deceptive acts or practices in or affecting commerce” are unlawful;
2. Dodd Frank Wall Street Reform and Consumer Protection Act which prohibits unfair, deceptive, or “abusive” acts or practices;
3. Anti-steering initiatives; and
4. CRA – related lending practices that violate federal lending laws. FTC Act or Home Ownership and Equity Protection Act, or that evidence other discriminatory or illegal credit practices that can adversely affect the bank's CRA performance rating.
E. Third-Party Risk Management
The OCC expects banks to adhere to its comprehensive guidance on third – party risk management. These standards apply to any relationship between a bank in a third-party, including lending relationships, regardless of which entity is the true lender. The OCC expects banks to institute appropriate safeguards to manage the risks associated with their third-party relationships.